Items Tagged with "Stuxnet"

The International Telegraph Union is the world’s telecommunication governing body. The United States is actively resisting them as the governing body. With Kaspersky’s Gauss discovery, the United States’ argument grows weaker. The US recognizes the advantage it has by having de facto control over the internet...

Kaspersky Lab recently released a report on a new information-stealing malware they have named “Gauss" which is designed to collect information and send the data to its command-and-control servers. Gauss was predominantly on systems in the Middle East, but has also been detected on networks in the US...

Gauss collects network interface information, BIOS characteristics and computer drive details. Many ignore the aspect of modularity of the agent which may receive supplementary modules developed using the info acquired directly on the targets to conduct attacks against critical infrastructure...

Stuxnet showed that a nation-state was capable and willing to use an advanced cyber weapon against an adversary. With the world believing that the United States is responsible, the nation now has the highest level of credibility for willingness and capability to develop and use a cyber weapon. That is a strong deterrent...

We have opened Pandora’s box and there is no way to get what has escaped back in. We have given the weapon framework away due to the nature of the carrier. Even if Gauss is encrypted, it will be broken and then what? Unlike traditional weapons that destroy themselves, the malware we have sent can be reverse engineered...

Many companies will omit many details and shift-slash-skew agendas to meet their concerns. Those concerns will ALWAYS be financial ones. At this point it is obvious that they and only they are capable of detecting the unseen, unheard of, undetectable, uberfilthware capable of infecting curiousity on Mars...

August 06, 2012

Stuxnet, Flame, Duqu and Mahdi are but payloads of overall programs designed through the work of intelligence. The news, anti-virus firms, managed security companies and consultancies all focus on the malware and the code. They are missing the big picture...

In Middle East, the number of malware that have been developed for state sponsored projects surely represents an anomaly. All the examples provided are evidence of the intent of governments to hit their enemies in the cyberspace to steal sensitive information or to destroy their critical infrastructure...

"These certificates protect access to control systems. They protect access to a $400 billion market. They protect access to trading systems. They also protect access to machines that do things like turn generators off. If you issue a fraudulent certificate or you're lax... the consequences could be disastrous..."

"Almost all cyberattacks are 'to whom it may concern' but Stuxnet was a bullet with someone's name on it. Repeating something like Stuxnet or (computer virus) Flame will be much more difficult... But the defender needs to plug all holes, while the attacker need only find one..."

Cleaning up some of the malware on the Internet could be accomplished by what I term as “White-Celled” code -code that can detect, remove malware from machines and then remove itself. The propagation can be Worm-like, initiated by scanned findings or a redirect on the footprint of an attack source...

What makes this interesting is that they are declaring that non-combatants may also be actively targeted. In essence, they are putting the world on notice that if you’re involved with a cyber attack, part of a militia or a terrorist, you have a bull’s-eye on your head. No matter where you are. Plain and simple...

The discovery of new cyber weapons will be published with increasing frequency, the real question to ask is if the world is really prepared to respond to these attacks. The stakes are high, security is critical for every nation, and the whole world must be analyzed as a monolithic system...

“Our advice to ICS and SCADA network managers is to be informed of new threats like Flame, but be especially vigilant against the more conventional, widely understood threats. In all likelihood, a simple denial-of-service attack has a better chance of wreaking havoc on their network than Stuxnet or Duqu"...

The CIA, NSA and Microsoft created a completely separate operating system somewhere in the Beltway. Microsoft decided to give the agencies the specific code to make the rogue changes. Microsoft allowed the rogue system to be placed inside of their network and only allow a specific country to be infected...

The Indian government authorized two agencies to carry out state-sponsored attacks if necessary. The Indian National Security Council is currently finalizing plans that would give the Defense Intelligence Agency and National Technical Research Organization the power to carry out unspecified offensive operations...